Manager Information Security
Resume:
Objective
** ***** ** ************** *** security project managements in finance, technology and healthcare sectors; and,
Seeking a full time or contract role as a cybersecurity / infrastructure project Manager.
Employer 1
Project Manager (Contract)
Toronto, Ontario
Jul 2019 – Present
Traveled abroad and managed the construction of my cottage in Northern Bruce Peninsula.
Scalar Decisions
Project Manager (Contract)
Toronto, Ontario
Sep 2018 – Sep 2019
Managed 18 project workstreams, ranging from $19M to $5MM in value, across public and technolgoy sectors.
UHN Compute, Storage and Datacentre Refresh
Engaged & managed internal and external teams - Commvault, NetApp, Dell, Plan Group and Vertive - to upgrade a DC’s UPS and electrical system & install a resilient and load balanced virtual compute and storage infrastructure, across 3 datacentres.
Implemented a homogeneous, stretched VMWare on Dell M1000e & M640 blades; NetApp MetroCluster technology with Qstar across 2 sites; and, low cost, bulk storage with multi-site resiliency through Dell EMC and HA proxy.
The total contract value for the project was $5MM CDN, with 20 internal and external resources located across Canada and the United States.
Miovision Security Program
Planned and managed the development of an IT and cybersecurity roadmap as a consulting engagement, to further develop Miovision’s posture around the pillars of Governance, Secure State, Vigilance, and Resilience
Managed resources to interview SMEs; develop tailored, master documentation policies and process lists; and to deliver, socialize and attain approvals from stakeholders for final products.
The project was executed with two resources on time and within the budget of $40M.
Sunnybrook Infoblox Secondary Zone Creation
Replaced BD8800 core switches with Cisco C4500x and 9300; decommissioned the legacy switches; and installed an HA pair of Infoblox appliances into an existing infoblox grid as a secondary zone.
Coordinated the activities of 6 resources to kick off the project, develop project and technical, procedural documentation, and communications to affected users; supervised the racking and stacking of the pre-configured devices during the cutover.
Engagement revenue, excluding hardware and software, amounted to about $25M, with three internal and external resources.
Sheridan Hyper-converged Infrastructure
Built and executed a plan to build a Nutanix hyper-converged cluster with ESXi hypervisor to replace Sheridan’s legacy triple-tiered infrastructure in 3 sites.
Scalar resources built a 3 node Nutanix cluster followed by a single node expansion to train and enable Sheridan IT to build and expand the other clusters unassisted, and as required on an ongoing basis.
This was a professional services engagement with three external and one internal resource, resulting in $19M in revenue
OpenText Corporation
Project Manager (Contract)
Toronto, Ontario
Jul 2017 – Aug 2018
Took over, replanned, and delivered a portfolio of security and infrastructure projects, with internal and external resources located across the globe.
LogRythm SIEM
Worked with stakeholders and senior leadership in CISO’s office to rapidly develop the project plans for LogRythm SIEM, to double consumption of log messages from 15,000 to 30,000 messages per second.
Executed the project in three stages: build of an intermediary environment to maintain current security posture; taking the existing environments offline to expire the data; and upgrade both environments to increase capacity for the additional load.
Resources included OpenText security professionals, LogRythm PS resources, and SecureSense support personnel. The budget was $2MM in hardware and $750M in professional services..
Digital Certificates
Lead cross-functional teams from Asia, Europe and North America to gather requirements, to the design, execution and deployment of digital certificates to 22,000 end points and mobile devices to enforce security access policies on authorized devices.
Comodo hosted the CA authority; three proxy servers, hosted around the globe, managed certificate lifecycles; and internal infrastructure comprised of Airwatch and AD provided authentication and authorization.
With a baseline budget of $200M, the project was executed in two phases of QA and production, followed by testing and stabilization periods for each phase.
SentinelOne
Successfully planned the installation and testing of SentinelOne agents and a central console to provide a cloud based protection against malware, spyware, and new breeds of behavioural attacks from users, applications and devices.
Agents were installed on 15,000 end points; 5,000 infrastructure servers; 12,000 business servers; and 3,000+ lab servers.
The budget consisted of software licensing capitalized before project start and internal resource efforts negotiated and allocated out of the base, managed by CISO’s office.
Cybersecurity Remediation Project
The project was focused on the remediation of IT and cyber security deficiencies found through a red and blue team exercise.
A list of deficiencies, ranging from discovered viruses, Trojans and spyware to malware, ransomware, zero day attack, and poor passwords, were developed and traced back to a infrastructure owners, the line of business leader, and assigned to operations’ managers with preferred option.
The project communicated the security posture requirements, negotiated acceptable remedies and reported the results on a regular basis to the CISO’s office. The budget consisted of FTE resources and vendor expenses, covered by CISO’s office.
Office 365 Migration
Managed the full-scale implementation of Exchange 2016 migration, O365 hybrid migration, Skype for Business, Yammer, and OneDrive for 30,000 mailboxes and 12,000 users from various versions of Exchange, Lync and Office Communicator infrastructure across the globe. Some legacy applications had to be left on a legacy 2016 Exchange environment.
Affected groups and users were divided into groups and sub-groups, with emails pointing to instructions on an internal blog and FAQ, starting three weeks prior to migrations. Each group’s accounts were prepared a week prior to migration and allowed to sync prior to the assigned migration weekend.
The migration resulted in a net positive savings of $300M dollars per year.
Tata Consulting Services
Project Manager (Contract)
Toronto, Ontario
May 2013 – Jul 2017
Managed infrastructure and application development projects as a client facing project manager for 3 clients in the banking sector- CIBC, TD and BMO.
CIBC Mortgages and Lending Upgrades
Managed the infrastructure and applications upgrades of two of CIBC’s Mortgages and Lending group - FICO’s Origination Manager, a workflow for lending and loan management, and FIMMAS, an insurance and loans application. The applications consisted of three tiers of presentation, applications and databases, totalling 42 servers.
Starting with development to production, each environment was built on latest hardware, 64-bit Windows OS and MS SQL databases in the backend on an internal cloud. Legacy hardware was decommissioned after successful testing.
The funding was provided and managed by CIBC’s Technology Infrastructure.
CIBC Frontline Incentives
Developed the charter and the plans for frontline GIC sales commission and incentive calculations, with a team of IT and business resources, risk management office, and stakeholders at TCS and CIBC.
Frontline staff broke down a large GIC sale into smaller deals in order to increase their incentives, using a loophole. The project developed a GIC product datamodel, with associated commissions. An Oracle database was designed to host the product information and meta data. A calculation agent, built in Java, calculated the commissions and presented it on a shared IIS instance.
The project was executed at the cost of $378M, and produced an annual savings of $1MM.
TD Oracle Fusion
Defined the scope, secured and managed resources onshore and offshore to develop the requirements, project plans and the execution strategy, to outsource 2nd level support of Oracle Fusion application to TCS.
Execution was divided into three stages: planning, R&R and knowledge transfer between onshore and offshore resources; transfer of system administration duties while continuing support in Toronto; transfer of support activities offshore.
Budget was purely consulting hours and funded by offshore operations teams.
TD Dual Browser Migration Project
Worked with all stakeholders and senior leaders to rapidly develop multi-pronged implementation project plans for Dual Browser Migration Project.
Fifty six applications, with their owners, users and stakeholders were identified and tracked to ascertain the impact of using Chrome in addition to Microsoft Internet Explorer to all internal TD applications.
Each application adopted or re-developed existing tests to determine compliance with TD dual browser policy. About 10% of the interfaces of the applications required changes and subsequent testing. The project was funded by TD’s Currency Program.
BMO HUB Release Manager
Organized and planned the release of up to 75 software services and packages into the highly available HUB infrastructure, during a single weekend, delivering 4 successful releases in a single year.
Each quarter started through discussions with development and operational stakeholders to identify the needs of each application project; the development, publication and maintenance of a cohesive plan for that release; coordination of testing and release activities; and a process for line managers to accept or reverse a particular application’s release.
The budget was controlled by application project managers within a release, and infrastructure costs funded by base operations. Infrastructure project costs were funded by base operations.
CIBC
Project Manager
Toronto, Ontario
Jun 2004 – May 2013
Managed technology infrastructure and security projects for nine years. The following are samples of these projects.
Surf Control Implementation
Formed and lead a group of engineers to design and implement SurfControl (WebSense) infrastructure to control 5000 employees’ access to web sites, including restricted and forbidden sites, not relevant to business.
The scope included the installation of 5 collectors and 2 MS SQL database servers in production across two sites, and 2 collectors and 1 SQL server in shared UAT and Contingency.
Established and documented the standards, processes and service level agreements between HP and CIBC at a one-time cost of $500M and $80M in annual run costs.
Active Directory Forest Implementation and Migration
Lead the design, build and implementation of I3's AD Forest with a delegated administration model.
Infrastructure comprised of servers and services including AD Domain Service, Certificate Services, and NTDS databases across two sites. The scope included the planning, communication and migrations across 7 major processing centres and 10 satellite sites and offices across Canada, 2500 User accounts, 300 groups, 1850 Workstations, and 100 Servers from NT 4.0 Domain model to Active Directory, and consolidation of 50 admin groups into 10.
The costs of $1MM in one-time, and $250M in ongoing was managed by the Currency Program.
Cryptography Standards
Secured and managed resources from Enterprise Information Security groups at CIBC and HP to research, analyze and develop a standard for cryptography.
Lead the efforts to define and operationalize the standardization of Advanced Encryption Standards (AES) and (RSA) over Data Encryption Standard (DES) and OpenPGP.
Acting as editor, produce the first draft with the team, and worked with a technical writer to produce the final output.
Fraud and Scoring Agent Implementation
Partnered with external providers and vendor resources to upgrade and retrain Proactive Risk Manager (PRM), the fraud and scoring agents designed to detect web based fraud.
The work was split into deployment and testing of the infrastructure comprised of 4 Sun Fire V440s and 1 Sun Fire V280 to host the scoring engine and for the presentation and analysis of the data.
Existing data was extracted, prepared and incorporated into the new data model; and a new GUI was developed and installed for presentation and reporting via Apache Tomcat, installed into IIS
PKI Replacement
Established a team of security, Tandem and Windows engineering resources to replace the SSS PKI solution on the Tandem with ENTRUST utilities running on the Windows platform. The solution protected the settlement and reconciliation files, transactions between CIBC and Certapay, to increase stability and the looming expiry of SSS PKI.
The solution created a hardened Windows infrastructure in Dev, UAT and production; Configured and tested FTP services; obtained new certificates; developed new jobs to encrypt, decrypt and transfer the files; and the network engineering and testing between the nodes, LDAP and Certificate Authority. Prior to decommissioning of the existing services, the project identified and gathered appropriate performance data to measure and compare loads, complications and intrusive behaviours.
Project closure, at a cost of $60M one-time, sought and attained signoffs from stakeholders in Enterprise Information Services, Retail Banking, Legal and Audit department.
Extranet SPoF
Successfully developed and proposed a plan to identify and remove single points of failures (SPoFs) in the Small Business Unit's extranet, used by a number of external and internal clients and lines of business.
Assembled a network team to interface with clients, assess the needs of each line of business, identify SPoFs and their impact to lines of business, and to determine hardware and software requirements, to propose a solution.
Developed and presented a high level design, project plan, and one-time and ongoing costs, to obtain management approvals for a total contract value of $386,000, to ensure sustainability of the bank's business with small to mid-sized companies.
CAMS Hardware Security Modules (HSM)
Initiated and implemented the installation, configuration, testing and of the Cards Access Management System (CAMS) to store its Cryptographic Key Store (or CKS), as a prerequisite for magnetic to chip card migrations.
The CAMS subsystem consisted of three (3) servers - a Webserver; an Application server; and a database server- in each of dev/UAT, contingency and production sites. Each environment hosted two Eracom Hardware Security Modules (HSM) and firewall blades to provide security and encryption services, and to filter traffic to HTTPS, FTP and systems management traffic.
The project was executed on time and within its budget of $260K.
Project Management Skills
Providing assertive written and verbal communication to express the project's resourcing, progress, as a common goal to project team, cross-functional stakeholders, business sponsors, and vendors
Strong leadership skills to oversee and coordinate tasks, motivate and encourage the teams, and to define the road map for successful completion of the project.
Ability to adjust to organizations of various size and in different sectors, to document according to business requirements, prioritize tasks and resources negotiations according to size of organization and availability of resources
Combining team management styles as required by the situation to gain buy-in for project vision, fostering democratic engagement, encouraging revolutionary transformation as required by stakeholders, and coaching.
Proven Time, Risk, problem-solving, and budget management
Excellent understanding of common infrastructure, with an ability to effectively summarize technical options, best solution, and the implications of costs, quality and time
Expert research and reporting skills, understanding of office suites on Windows and Linux, and the abiltiy to take large or complex sets of data and produced reports for various audiences
Demonstrated ability to apply waterfall, agile and SCRUM frameworks throughout the lifecycle of a project.
An active listener, always trying to see the other viewpoints and manage conflict by bridging views for the success of the projectSolid experience in decision making and negotiations
ITIL & Information Security
Education
McMaster University, B.A. – Political Science & Computer Science, 1996
University of Toronto M.A. – Technology Transfer, 1998
DesTech Consulting and Training, ORACLE DBA, 2000
HP Canada, Negotiations Mastery, 2003
HP Canada, ITIL, 2004
University of Toronto, IT Project Management, 2005
PMI, PMP, 2005 (needs recertification)
Inst. for Human Health & Potential, Emotional Intelligence, 2005
Contact this candidate